I built an Azure Devops pipeline what signs the apk after it is done:
- task: AndroidSigning#3
displayName: 'Signing and aligning APK file(s) **/*.apk'
inputs:
apkFiles: '**/*.apk'
apksign: true
apksignerKeystoreFile: upload-keystore.jks
apksignerKeystorePassword: $(upload-keystore-password)
apksignerKeystoreAlias: upload
apksignerKeyPassword: $(upload-keystore-password)
It signs the APK as it should. The problem that I have this in my build.gradle:
buildTypes {
release {
// TODO: Add your own signing config for the release build.
// Signing with the debug keys for now, so `flutter run --release` works.
signingConfig signingConfigs.debug
shrinkResources false // Add this line
minifyEnabled false // Also add this line
}
}
As you can see it is not setup to sign by my key. Like this the signing works in pipeline but does not work if I use the flutter build apk in console.
But if I setup the build.gradle as the docs says https://docs.flutter.dev/deployment/android:
signingConfigs {
release {
keyAlias keystoreProperties['keyAlias']
keyPassword keystoreProperties['keyPassword']
storeFile keystoreProperties['storeFile'] ? file(keystoreProperties['storeFile']) : null
storePassword keystoreProperties['storePassword']
}
}
buildTypes {
release {
signingConfig signingConfigs.release
}
}
Then the pipeline throws the
* What went wrong:
Execution failed for task ':app:validateSigningRelease'.
> Keystore file not set for signing config release
error because I'd rather not git add the key.properties that has the password or my JKS file that I sign the APK with.
I'd like the pipeline to work but also if I use the flutter build apk command it gives me a signed APK.
What could be the solution?
Recently, we had to register a new upload key on our app in the google play store (internal track), though the setup seems a little different from our previous approach that requested a password on the key alias when creating a key using keytool on .jks format
We originally stored the storeFile & storePassword along with multiple key<Flavor>Alias & key<Flavor>Password in a keystore.properties file which worked fine, and our build.gradle looped over our product flavors assigning each signing config to the flavor.
Now though, when running this in the CLI as instructed by google play console to generate a new certificate:
keytool -genkeypair -alias upload -keyalg RSA -keysize 2048 -validity 9125 -keystore keystore.jks
keytool -export -rfc -alias upload -file upload_certificate.pem -keystore keystore.jks
the upload key was created, but it did not prompt for a key password.
So now I'm wondering how to build the app without having it signed when running the gradle bundle<Flavour>Release command?
For more clarity on our current setup:
def keystorePropertiesFile = rootProject.file("keystore.properties")
def keystoreProperties = new Properties()
keystorePropertiesFileExists && keystoreProperties.load(new FileInputStream(keystorePropertiesFile))
android {
ndkVersion rootProject.ext.ndkVersion
compileSdkVersion rootProject.ext.compileSdkVersion
signingConfigs { }
defaultConfig {
applicationId <application-id>
minSdkVersion rootProject.ext.minSdkVersion
targetSdkVersion rootProject.ext.targetSdkVersion
resValue "string", "build_config_package", <application-id>
}
flavorDimensions "default"
productFlavors {
Staging { applicationId "<application-id>.staging" }
RC { applicationId "<application-id>.rc" }
Production {}
}
buildTypes {
debug { signingConfig null }
release {
productFlavors.all { flavor ->
flavor.signingConfig = android.signingConfigs.create("${flavor.name}")
flavor.signingConfig.storeFile = rootProject.file(keystoreProperties["storeFile"])
flavor.signingConfig.storePassword = keystoreProperties["storePassword"]
flavor.signingConfig.keyAlias = keystoreProperties["keyAlias${flavor.name}"]
flavor.signingConfig.keyPassword = keystoreProperties["keyPassword${flavor.name}"]
}
minifyEnabled enableProguardInReleaseBuilds
proguardFiles getDefaultProguardFile("proguard-android.txt"), "proguard-rules.pro"
debuggable false
}
}
We also use fastlane to handle our uploads with supply, are the specific commands (I can't see any) that would need to be amended for this?
Thanks!
I create a key with this command :
keytool -genkey -v -keystore first-key.keystore -alias first-key-alias -keyalg RSA -keysize 2048 -validity 1000
and add this to gradle file :
signingConfigs {
release {
storeFile file('/home/mohamadreza/keys/first-key.keystore')
storePassword '1234567890'
keyAlias = 'first-key-alias'
keyPassword 'qq-2012'
}
}
buildTypes {
release {
// Caution! In production, you need to generate your own keystore file.
// see https://facebook.github.io/react-native/docs/signed-apk-android.
signingConfig signingConfigs.release
minifyEnabled enableProguardInReleaseBuilds
proguardFiles getDefaultProguardFile("proguard-android.txt"), "proguard-rules.pro"
}
}
then I run this command:
cd android && ./gradlew assembleRelease
I got this error:
Could not determine the dependencies of task ':app:lintVitalRelease'.
> Could not resolve all task dependencies for configuration ':app:lintClassPath'.
> Could not find com.android.tools.lint:lint-gradle:26.4.2.
Searched in the following locations:
...
my classpath : classpath('com.android.tools.build:gradle:3.4.2')
how can I fix it?
This same issue I faced today.
I tried the following thing:
I deleted the output.json file from the folder
"yourProject/android/app/build/outputs/apk/release".
And RUN command to build the application.
It worked for me.
Hope will work for you too
I'm trying to set up my Android project so that I can have 3 different versions of it working in parallel, pointing to different backend APIs and so on:
A debug/dev version that I only use for my own development
A beta/qa version that I release internally to my customer so that they can test the app without messing with the production environment
A production version that is released to the Play Store for everyone to use
As I said, the 3 versions should be installable in parallel on the same device (so I guess they should have different application ids), with different icons, point to different backend APIs and so on.
For that, I figured the best option would be to use product flavors like so:
android {
compileSdkVersion 28
defaultConfig {
applicationId "com.myapp"
minSdkVersion 19
targetSdkVersion 28
versionCode 1
versionName "1.0"
testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
}
buildTypes {
release {
minifyEnabled false
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
}
}
flavorDimensions "env"
productFlavors {
dev {
dimension "env"
applicationId "com.myapp.dev"
resValue 'string', 'backend_url', 'https://dev.example.com'
}
beta {
dimension "env"
applicationId "com.myapp.beta"
resValue 'string', 'backend_url', 'https://beta.example.com'
}
prod {
dimension "env"
applicationId "com.myapp"
resValue 'string', 'backend_url', 'https://www.example.com'
}
}
}
And I created the corresponding dev, beta and prod directories under src, to have separate resources there, like the launcher icon for each flavor for example.
Now I would like to integrate Google Maps into my app. So I created a Google Maps Activity and Android studio came up with 2 google_maps_api.xml that he put in the debug and release subdirectories in src. If I'm not mistaken, those configuration files should be flavor-specific instead of buildType-specific, so I moved the one from debug into dev, I moved the one from release into beta and I copied the one from beta into prod. So now I have the following file structure:
So now I'm getting to the point where I need to generate Google Maps API keys for each flavor and restrict them to each flavor of my app. But in order to do that, I need to specify the SHA-1 fingerprint in each Google Cloud Project's API key. And I'm not sure which one to use there. Can I just use the same SHA-1 fingerprint for all of them? Am I supposed to have a different SHA-1 fingerprint for each build type (debug/release) or for each flavor (dev/qa/prod)? If so, how do I find the right fingerprint to use for each key?
Note that I tried the Gradle signing report, but it didn't help much:
13:05:37: Executing task 'signingReport'...
Executing tasks: [signingReport]
> Task :app:signingReport
Variant: prodDebug
Config: debug
Store: /Users/sarbogast/.android/debug.keystore
Alias: AndroidDebugKey
MD5: 93:AA:D5:1B:0D:EA:7B:49:0B:BE:9F:13:FA:46:74:3F
SHA1: 09:FE:D6:BF:19:44:FC:BB:AB:7E:24:19:F7:A9:7D:31:2B:A5:55:17
SHA-256: 62:99:B8:38:07:B1:41:63:62:39:1B:2F:8A:80:F4:F6:E6:A5:97:2C:D0:7B:28:1E:34:2F:90:D1:10:C3:04:C4
Valid until: Monday, November 9, 2043
----------
Variant: devRelease
Config: none
----------
Variant: prodRelease
Config: none
----------
Variant: betaRelease
Config: none
----------
Variant: prodReleaseUnitTest
Config: none
----------
Variant: betaDebugAndroidTest
Config: debug
Store: /Users/sarbogast/.android/debug.keystore
Alias: AndroidDebugKey
MD5: 93:AA:D5:1B:0D:EA:7B:49:0B:BE:9F:13:FA:46:74:3F
SHA1: 09:FE:D6:BF:19:44:FC:BB:AB:7E:24:19:F7:A9:7D:31:2B:A5:55:17
SHA-256: 62:99:B8:38:07:B1:41:63:62:39:1B:2F:8A:80:F4:F6:E6:A5:97:2C:D0:7B:28:1E:34:2F:90:D1:10:C3:04:C4
Valid until: Monday, November 9, 2043
----------
Variant: devReleaseUnitTest
Config: none
----------
Variant: prodDebugUnitTest
Config: debug
Store: /Users/sarbogast/.android/debug.keystore
Alias: AndroidDebugKey
MD5: 93:AA:D5:1B:0D:EA:7B:49:0B:BE:9F:13:FA:46:74:3F
SHA1: 09:FE:D6:BF:19:44:FC:BB:AB:7E:24:19:F7:A9:7D:31:2B:A5:55:17
SHA-256: 62:99:B8:38:07:B1:41:63:62:39:1B:2F:8A:80:F4:F6:E6:A5:97:2C:D0:7B:28:1E:34:2F:90:D1:10:C3:04:C4
Valid until: Monday, November 9, 2043
----------
Variant: devDebugUnitTest
Config: debug
Store: /Users/sarbogast/.android/debug.keystore
Alias: AndroidDebugKey
MD5: 93:AA:D5:1B:0D:EA:7B:49:0B:BE:9F:13:FA:46:74:3F
SHA1: 09:FE:D6:BF:19:44:FC:BB:AB:7E:24:19:F7:A9:7D:31:2B:A5:55:17
SHA-256: 62:99:B8:38:07:B1:41:63:62:39:1B:2F:8A:80:F4:F6:E6:A5:97:2C:D0:7B:28:1E:34:2F:90:D1:10:C3:04:C4
Valid until: Monday, November 9, 2043
----------
Variant: devDebugAndroidTest
Config: debug
Store: /Users/sarbogast/.android/debug.keystore
Alias: AndroidDebugKey
MD5: 93:AA:D5:1B:0D:EA:7B:49:0B:BE:9F:13:FA:46:74:3F
SHA1: 09:FE:D6:BF:19:44:FC:BB:AB:7E:24:19:F7:A9:7D:31:2B:A5:55:17
SHA-256: 62:99:B8:38:07:B1:41:63:62:39:1B:2F:8A:80:F4:F6:E6:A5:97:2C:D0:7B:28:1E:34:2F:90:D1:10:C3:04:C4
Valid until: Monday, November 9, 2043
----------
Variant: betaDebugUnitTest
Config: debug
Store: /Users/sarbogast/.android/debug.keystore
Alias: AndroidDebugKey
MD5: 93:AA:D5:1B:0D:EA:7B:49:0B:BE:9F:13:FA:46:74:3F
SHA1: 09:FE:D6:BF:19:44:FC:BB:AB:7E:24:19:F7:A9:7D:31:2B:A5:55:17
SHA-256: 62:99:B8:38:07:B1:41:63:62:39:1B:2F:8A:80:F4:F6:E6:A5:97:2C:D0:7B:28:1E:34:2F:90:D1:10:C3:04:C4
Valid until: Monday, November 9, 2043
----------
Variant: devDebug
Config: debug
Store: /Users/sarbogast/.android/debug.keystore
Alias: AndroidDebugKey
MD5: 93:AA:D5:1B:0D:EA:7B:49:0B:BE:9F:13:FA:46:74:3F
SHA1: 09:FE:D6:BF:19:44:FC:BB:AB:7E:24:19:F7:A9:7D:31:2B:A5:55:17
SHA-256: 62:99:B8:38:07:B1:41:63:62:39:1B:2F:8A:80:F4:F6:E6:A5:97:2C:D0:7B:28:1E:34:2F:90:D1:10:C3:04:C4
Valid until: Monday, November 9, 2043
----------
Variant: betaReleaseUnitTest
Config: none
----------
Variant: prodDebugAndroidTest
Config: debug
Store: /Users/sarbogast/.android/debug.keystore
Alias: AndroidDebugKey
MD5: 93:AA:D5:1B:0D:EA:7B:49:0B:BE:9F:13:FA:46:74:3F
SHA1: 09:FE:D6:BF:19:44:FC:BB:AB:7E:24:19:F7:A9:7D:31:2B:A5:55:17
SHA-256: 62:99:B8:38:07:B1:41:63:62:39:1B:2F:8A:80:F4:F6:E6:A5:97:2C:D0:7B:28:1E:34:2F:90:D1:10:C3:04:C4
Valid until: Monday, November 9, 2043
----------
Variant: betaDebug
Config: debug
Store: /Users/sarbogast/.android/debug.keystore
Alias: AndroidDebugKey
MD5: 93:AA:D5:1B:0D:EA:7B:49:0B:BE:9F:13:FA:46:74:3F
SHA1: 09:FE:D6:BF:19:44:FC:BB:AB:7E:24:19:F7:A9:7D:31:2B:A5:55:17
SHA-256: 62:99:B8:38:07:B1:41:63:62:39:1B:2F:8A:80:F4:F6:E6:A5:97:2C:D0:7B:28:1E:34:2F:90:D1:10:C3:04:C4
Valid until: Monday, November 9, 2043
----------
BUILD SUCCESSFUL in 1s
1 actionable task: 1 executed
13:05:38: Task execution finished 'signingReport'.
I'm still relatively new to this whole Android ecosystem and I couldn't find a lot of documentation about this kind of setup, so I'm not sure I'm doing the right thing either.
May be problem in your signingConfig
Try this,
signingConfigs {
productname{
storeFile file("release.keystore") //or jKs file path
storePassword "myPassword"
keyAlias "myAlias"
keyPassword "Something...."
}
}
buildTypes {
debug {
signingConfig signingConfigs.productname
}
release {
signingConfig signingConfigs.productname
}
}
Since you have 3 different Google Cloud Projects I believe you will need 3 different SHA-1 fingerprints one for each of your flavors, since you have 3 different google_maps_api.xml files.
If I am not mistaken, on each of the google_maps_api.xml a different SHA-1 key should be present there.
I'm trying to have a jenkins job to automatically compile and sign my APK file with a keystore I have in a folder. I've tried this:
SET JAVA_HOME=C:\Program Files\Java\jdk1.7.0_79
SET ANDROID_HOME=E:\androidsdk
SET PATH=%PATH%;%JAVA_HOME%;%ANDROID_HOME%
SET ZIPALIGN="%ANDROID_HOME%\build-tools\23.0.3\zipalign"
echo %cd%
gradlew assembleDebug & "%JAVA_HOME%\bin\jarsigner" -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore key-jenkins\MyKey.jks -storepass rusavon app\build\outputs\apk\app-debug-unsigned.apk Mypassword& %ZIPALIGN% -v 4 app\build\outputs\apk\app-debug-unsigned.apk app\build\outputs\apk\debug-r%SVN_REVISION%.apk
but it's not working. (it used to work in other project where gradle was used instead of gradlew).
You should consider adding build types and signing config in build.gradle and then running the ./gradlew assembleRelease
It should build a signed apk.
Make following changes to build.gradle.
buildTypes {
// Debug Configuration
debug {
testCoverageEnabled = true
debuggable true
}
// Release Configuration
release {
testCoverageEnabled = false
minifyEnabled true
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.txt'
signingConfig signingConfigs.release
}
and then have these signing configs :
signingConfigs {
debug {
storeFile file("xx-key.keystore")
storePassword "xx123"
keyAlias "xxxx"
keyPassword "xx123"
}
release {
keyAlias 'xxxx'
keyPassword 'xx123'
storeFile file('xxxxxx-Key.keystore')
storePassword 'xx12'
}
}
Run command to generate signed apk : ./gradlew assembleRelease